Settings up Squid proxy server

Setting Up Your VPS as a Squid Proxy Server

August 20, 2018 – 07:06 am

Looking for a proxy server app that can be rapidly deployed on Linux?

Installing Squid on your low end box can provide your organization with a robust proxy server that can facilitate a secure Internet connection for your end users. Squid can also provide logging, access control and antivirus capabilities though such features are outside of the scope of this tutorial.

3 Simple Reasons to Install Squid
A proxy server facilitates and centralizes Internet traffic for your network. When you require your end users to connect to a corporate proxy server, you can:

Another added benefit of using a VPS as a proxy server is the speed provided by the app. Since Squid is lightweight, a low end box could easily become a proxy server for a small to medium sized business.

So, let’s get started!

How to Setup Squid on UbuntuReady to start setting up Squid as a proxy server? Here is a few things you need to know before beginning your installation of Squid on a Debian or Ubuntu VPS.

Step 1 – Spin up your VPS and Login with PuttyConfigure an SSH connection to your box with administrative privileges.

Step 2 – Install Squid
Squid can be found in Ubuntu repositories. The following commands must be run in order to make sure that you have up to date system before installing Squid. At the command line interface, type:

sudo apt-get upgrade
sudo apt-get update
sudo apt-get install squid

Tip: Copy the original file that would serve as a backup

sudo cp /etc/squid3/squid.conf.default

Step 3 – Setup Access Restrictions
A rookie mistake is to leave your new proxy server open to anonymous authentication.

The best way to secure your server is to register a free dynamic DNS from a provider like dynu.com. You can restrict access to your server by creating a white list for your organizations IP address with this service.

Step 4 – Configure Squid Proxy
The Squad configuration must first be edited.

Append this file: /etc/squid3/squid.conf

http_access allow client
acl client src 12.123.123.123# Home IP

Replace the word “client” with the hostname that identifies your hostname. Replace the 12.123.123.123 with the IP address of your remote site.

You may have to repeat this step to provide secured access to your dynamic DNS service. Instead of using src, you could use srcdomain and use the hostname of your dynamic DNS service to provide access.

Step 6 – Add the Proxy Into Your Browsers
If you have a Windows environment, you may want to issue a group policy object that requires your Internet browsers to use the IP address and ports that you’ve designated for Squid.

Note: Squid uses port 3128 by default.

Step 7 – Test Connectivity
Go to Google and type, what is my IP address? The answer is often displayed on the search engine result page. If all went well, you should receive the IP address of your low end box and not the IP address of your ISP.

Special NoteThis will be the first in a series of additional tutorials written by the staff at ColoCrossing. Be gentle, we’re new to the blogging thing. :)